nyrahul’s gists

nyrahul / perms.sh

Created November 11, 2024 10:45

Fix permissions

	kubectl exec -it -n accuknox-divy deployments/uwsgi -- python3 manage.py shell -c "from source.models.roles import Role
	from tenant.models import Permission,Client, VisiblePermissions
	from django_tenants.utils import schema_context
	for client in Client.objects.exclude(schema_name__in=['root']):

	with schema_context(client.schema_name):
	print(client.schema_name)
	admin_role = Role.objects.get(name='Admin')

	for permission in Permission.objects.all():

nyrahul / check-job-status.sh

Last active August 4, 2024 04:46

Check cluster kueue job status

	# Show all workloads/jobs
	kubectl get workload -A -o json \| jq '.items[] \| "\(.metadata.namespace) \(.metadata.name) \(.status.conditions[-1].type)"'

	# Show Admitted workloads/jobs
	kubectl get workload -A -o json \| jq -c '.items[] \| select(.status.conditions[-1].type == "Admitted") \| [.metadata.namespace,.metadata.name]'

	# Get all jobs across all namespaces in Pending state ... AccuKnox executes the jobs in init containers
	kubectl get pods -A --selector job-type=accuknox-jobs --field-selector=status.phase==Pending

	# list k8s-jobs queue

nyrahul / clam.sh

Last active April 15, 2024 07:47

clamav scan

	#!/bin/bash

	# Update scan database
	sudo freshclam --datadir=$PWD/clamdb --foreground

	# Run the scan on the given folder path
	docker run \
	-it --rm \
	--mount type=bind,source=$PWD/env,target=/scandir \
	-v $PWD/clamdb:/clamdb \

nyrahul / artifact api.sh

Last active August 5, 2024 18:43

AccuKnox Artifact API

	curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh \| sh -s -- -b /usr/local/bin
	trivy image -f json -o results.json --timeout 3600s nginx:latest

	curl --location 'https://cspm.demo.accuknox.com/api/v1/artifact/?tenant_id=2618&data_type=TR&save_to_s3=True&label_id=testknox' --header 'Tenant-Id: 2618' --header 'Authorization: Bearer <TOKEN>' --form 'file=@"results.json"'

	# Sonar qube scanner
	sonar-scanner -Dsonar.token=<SQ-TOKEN> -Dsonar.projectKey=nimbus -Dsonar.analysis.mode=preview -Dsonar.report.export.path=sonar-report.json
	curl -u <SQ-TOKEN>: 'http://35.188.10.229:9000/api/issues/search?components=nimbus' -o sonar-report.json
	curl --location 'https://cspm.demo.accuknox.com/api/v1/artifact/?tenant_id=2509&data_type=SQ&save_to_s3=True&label_id=SAST' --header 'Tenant-Id: 2509' --header 'Authorization: Bearer <ARTIFACT-TOKEN>' --form 'file=@"sonar-report.json"'

nyrahul / ai-security-bookmarks.md

Last active August 5, 2024 13:26

AI Security bookmarks

Public sources

Title	Type	Comment
AI-Exploits	code	A collection of real world AI/ML exploits for responsibly disclosed vulnerabilities
LLM-Guard	code	The Security Toolkit for LLM Interactions
Garak	code	LLM vulnerability scanner
NIST AI RMF Playbook	doc	NST AI RM Playbook
MITRE ATLAS	doc	Adversarial Threat Landscape for AI Systems
NIST AI 100-2e2023	doc	Adversarial Machine Learning: A Taxonomy and Terminology of Attacks and Mitigations

nyrahul / prevent-crypto-miners.yaml

Last active March 22, 2024 10:20

KubeArmor policy template for preventing crypto miners execution

	apiVersion: security.kubearmor.com/v1
	kind: KubeArmorPolicy
	metadata:
	name: prevent-crypto-miners
	spec:
	selector:
	matchLabels:
	app: wordpress

	action: Block

nyrahul / tenant-status.py

Last active May 30, 2024 10:18

CSPM get tenant status

	-----
	# exec into any celery pod
	# python3 manage.py shell
	# Cut paste below code and execute
	# kubectl exec -n accuknox-divy deployments/uwsgi -- python3 manage.py generate_report > report.csv

	from django.core.management.base import BaseCommand
	from django.db import connection
	from django.utils import timezone
	from django_tenants.utils import schema_context

nyrahul / kind-cluster-issue-apparmor.md

Last active September 24, 2023 15:47

Step 1: Create cluster

./create-cluster.sh

Step 2: Install apparmor utilities

# Install apparmor utilites in the kind cluster nodes
docker exec -it cluster01-worker bash -c "apt update && apt install apparmor-utils -y && systemctl restart containerd"
docker exec -it cluster01-control-plane bash -c "apt update && apt install apparmor-utils -y && systemctl restart containerd"

nyrahul / pulsar-admin.sh

Last active April 21, 2024 17:56

	bin/pulsar-admin tenants list
	bin/pulsar-admin namespaces list "accuknox"
	bin/pulsar-admin topics list "accuknox/cluster"
	bin/pulsar-admin topics list "accuknox/datapipeline"
	bin/pulsar-admin topics stats "persistent://accuknox/datapipeline/kubearmoralerts" \| less
	bin/pulsar-admin topics examine-messages --initialPosition latest --messagePosition 1 "persistent://accuknox/datapipeline/kubearmoralerts"

	bin/pulsar-admin topics clear-backlog -s "accuknox-data-offloader" "persistent://accuknox/datapipeline/kubearmoralerts"

nyrahul / nmap-scan.sh

Created June 23, 2023 13:25

Get nmap report for TLS/SSL and convert it to json

	nmap -Pn -sT -p 3000 localhost --script ssl-cert --script ssl-enum-ciphers --script ssl-cert -oX t.xml
	yq . t.xml -o json --xml-attribute-prefix '' > t.json

Rahul Jadhav nyrahul

Public sources

Step 1: Create cluster

Step 2: Install apparmor utilities